Access Deluge WebUI with Apache and OpenSSL

Access Deluge WebUI with Apache and OpenSSL

If you want to hook deluge to a special domain like https://deluge.yourdomain.com, you can do it with the help of apache. It is helpfull to access to some place where other ports than 80 and 443 are blocked. First, here are 2 guides you can follow to install Apache and create a self-signed SSL certficate:

  1. Install Apache with PHP for your HTPC
  2. Create Self Signed SSL Certficate to secure your HTPC

Domain / Sub-Domains:

To hook deluge to a special domain you will need:

  1. A domain name: YOUDOMAIN.com. You can find free ones.
  2. A static IP Address, or a service like dyndns that let you update your IP Address dynamically (You can have free trial).
  3. Your domain name companies need to let you change the DNS information of your domain and sub-domains.
    I.E. you have bought themediaserver.com
    you can create a sub-domain: deluge.themediaserver.com
    Ask your hosting/parking company to change the DNS of deluge.themediaserver.com to point to your home Adress IP (i.e.: 87.59.577.26)

Hook deluge-web to apache:

Create an extra apache config file for your openSSL virtual domains and extra config.

  1. Be sure you have openssl installed : sudo apt-get install openssl
  2. Enable SSL module for apache: sudo a2enmod ssl
  3. Enable RewriteEngine Module for apache: sudo a2enmod rewrite
  4. Enable Proxy Module for apache: sudo a2enmod proxy_http
  5. Create new config file:
    sudo touch /etc/apache2/sites-available/hosts-ssl.conf sudo chmod 644 /etc/apache2/sites-available/hosts-ssl.conf sudo ln -s /etc/apache2/sites-available/hosts-ssl.conf /etc/apache2/sites-enabled/hosts-ssl.conf
  6. Enable SSL for APACHE
    Add this code to your conf file:
    sudo nano /etc/apache2/sites-available/hosts-ssl.conf
    #Uncomment next line if Apache is not already listening to your HTTPS port #Listen 443 https #SSL BASIC OPTIONS SSLSessionCache shmcb:/run/httpd/sslcache(512000) SSLSessionCacheTimeout 300 SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin
  7. Force HTTPS connection
    Add this code to your conf file:
    sudo nano /etc/apache2/sites-available/hosts-ssl.conf:
    # ------------------------------ # IF YOU WANT TO FORCE HTTPS # THIS WILL REDIRECT ALL NON HTTP TO HTTPS URLS Redirect permanent / https://YOURDOMAIN.com/ ServerName YOURDOMAIN.com RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
  8. Default web folder
    Add this code to your conf file:
    sudo nano /etc/apache2/sites-available/hosts-ssl.conf:
    # BASIC ROOT FOLDER FOR HTTPS # you can set any folder as long as it has the good permissions DocumentRoot "/home/user01/www" ServerName SUDDOMAIN.YOURDOMAIN.com # Grant permissions to folder Options Indexes FollowSymLinks DirectoryIndex index.html AllowOverride All Order allow,deny Allow from all Require all granted LogLevel warn # SOME OPTIONS FOR YOUR SSL CONNECTION SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # HERE YOU SET THE PATH TO YOUR CERTIFCATE YOU CREATE # SEE http://themediaserver.com/create-selft-signed-ssl-certficate-secure-your-htpc/ FOR MORE DETAILS SSLCertificateFile /etc/ssl/custom/server.crt SSLCertificateKeyFile /etc/ssl/custom/server.key
  9. HOOK deluge as Proxy:
    Add this code to your conf file:
    sudo nano /etc/apache2/sites-available/hosts-ssl.conf:
    ServerName deluge.YOURDOMAIN.com # WE TELL APACHE TO REDIRECT deluge.YOURDOMAIN.com to HTTP://localhost:8112 # IF YOU CHANGE YOUR DELUGE WEB-UI PORT YOU NEED TO SET IT HERE i.e. http://localhost:DELUGE_PORT/ ProxyRequests Off ProxyVia Off ProxyPreserveHost On ProxyPass / http://127.0.0.1:8112/ ProxyPassReverse / http://127.0.0.1:8112/ # SSL BASIC OPTIONS LogLevel warn SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # HERE YOU SET THE PATH TO YOUR CERTIFCATE YOU CREATE # SEE http://themediaserver.com/create-selft-signed-ssl-certficate-secure-your-htpc/ FOR MORE DETAILS SSLProxyEngine on SSLEngine on SSLCertificateFile /etc/ssl/custom/server.crt SSLCertificateKeyFile /etc/ssl/custom/server.key